Vehicles are being revolutionized with rapidly increasing adoption of modern computing and communication technologies in order to improve both user experience and safety for vehicle owners. As a result, vehicular systems that used to be closed systems are opening up various interfaces, such as cellular, 3G/4G, Bluetooth, etc., to the outside world. These interfaces introduce new opportunities for cyber attacks. There are multiple of Electronic Control Units (ECUs) installed on a modern vehicle and the ECUs communicate with each other (e.g. for sending/receiving control commands and system data) through a Controller Area Network (CAN), which is a broadcast-based bus network. There are reports of cyber attacks on vehicular systems, where an attacker compromises an ECU (perhaps through the external interface of this ECU) or connects a compromised device to the OBD-II (onboard diagnostics, second generation) port that is also connected to the CAN bus and further leverages the breach point to inject illegitimate messages on the CAN bus using spoofing to control the vehicle.
A root cause of attacks on vehicular systems is lack of authentication on CAN messages. However, it is very challenging to design a practical message authentication mechanism for the CAN bus, because the vehicular system requires very low message processing latency and ECUs typically have very limited computational power. Existing cryptographic authentication schemes are too computationally expensive to meet the requirement.
The embodiments arise in this context.